WikiLeaks and Malware: Am I Safe on the Site?

WikiLeaks.org has made a name for itself as a go-to spot for otherwise unobtainable material. The site facilitates secret information exchange or “leaked” confidential material by way of anonymous posting. WikiLeaks first rose to prominence in December of 2007 when it posted the U.S. Army manual for soldiers dealing with prisoners at Camp Delta, Guantanamo Bay. Since then, the site has hosted everything from text messages sent by everyday people to highly-classified U.S. military documents.

More recently, WikiLeaks stole the national political limelight with its leak of Democratic National Committee emails. In July, nearly 20,000 emails containing 8,000 attachments sent or received by the DNC were uploaded to WikiLeaks. The information contained in those emails forced the resignation of then-DNC chairperson Debby Wasserman Schultz.

As journalists, politicians, and average citizens sifted through the communication, Google’s Transparency Report issued a warning for readers that suggested some of the uploads could contain malware. A specific malware issue was never named, but the mere allusion to it raised some red flags.

In an article for FoxNews.com, security researcher Josh Wieder said that he’s found malware inside other WikiLeaks documents, including Global Intelligence files that were uploaded in 2015. While Wieder does not go as far as to blame WikiLeaks, he does say that site users should really consider the source.

“Even if WikiLeaks does not know who is providing them with the DNC emails, it is within reason to suspect that the server hosting those files was compromised,” Wieder said in the interview.

In other words, there’s a reason why WikiLeaks does so much in secret. Some of the places that provide documents to the site are not necessarily ones you would want to access your personal and financial information. Organizations and individual users should be careful when collecting the latest leaks.

What Can WikiLeaks Users Do?

As far as industry experts can tell, simply going to the WikiLeaks website will not open the door for malware problems. The documents uploaded to the site, however, are a different story. WikiLeaks simply cannot know what is inside each document, so some of that anti-malware vigilance falls on the end user.

So how can you keep malware at bay while using WikiLeaks?

Install Anti-Virus/Malware Software (and keep it updated) – Talk with a firm that specializes in this type of security to make sure you are safe.

Secure Your Emails – If malware were to take hold of your device, you wouldn’t want your email data compromised. Use two-way encryption when possible.

Secure Your Internet Connection – Don’t trust your internet service provider to do this for you. Know the capabilities of your firewall and password-protected space and call on an expert cybersecurity firm to strengthen your network.

Assess Your Need – Do you really need to click on that WikiLeaks link or upload? If you’re a journalist and need the information for a story on it, then the answer is probably “yes.” If you’re just about anyone else, you can probably look for that journalist’s story later on and read about it that way. If you don’t need to read it or see it with your own eyes, just don’t click on it.

While WikiLeaks is our leading source for restricted materials related to war, spying, and corruption, its contents aren’t always safe. The site presents ample opportunity for malware to thrive, so safeguard your data and devices before you dive into the site’s juicy leaks.